Test Kennung:	1.3.6.1.4.1.25623.1.0.100663
Kategorie:	SMTP problems
Titel:	Exim < 4.72 RC2 Multiple Vulnerabilities
Zusammenfassung:	Exim is prone to multiple vulnerabilities.
Beschreibung:	Summary: Exim is prone to multiple vulnerabilities. Vulnerability Insight: 1. Exim creates temporary files in an insecure manner. An attacker with local access could potentially exploit this issue to perform symbolic-link attacks. Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible. 2. Exim is prone to a local privilege escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges on affected computers. Affected Software/OS: Versions prior to Exim 4.72 RC2 are vulnerable. Solution: Updates are available. Please see the references for more information. CVSS Score: 4.4 CVSS Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2024 BugTraq ID: 40454 http://www.securityfocus.com/bid/40454 Bugtraq: 20100603 Multiple vulnerabilities in Exim (Google Search) http://www.securityfocus.com/archive/1/511653/100/0/threaded http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042587.html http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042613.html http://archives.neohapsis.com/archives/fulldisclosure/2010-06/0079.html http://lists.exim.org/lurker/message/20100524.175925.9a69f755.en.html http://secunia.com/advisories/40019 http://secunia.com/advisories/40123 http://secunia.com/advisories/43243 SuSE Security Announcement: SUSE-SR:2010:014 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html http://www.ubuntu.com/usn/USN-1060-1 http://www.vupen.com/english/advisories/2010/1402 http://www.vupen.com/english/advisories/2011/0364 XForce ISS Database: exim-mbx-symlink(59042) https://exchange.xforce.ibmcloud.com/vulnerabilities/59042 Common Vulnerability Exposure (CVE) ID: CVE-2010-2023 BugTraq ID: 40451 http://www.securityfocus.com/bid/40451 XForce ISS Database: exim-mail-directory-priv-escalation(59043) https://exchange.xforce.ibmcloud.com/vulnerabilities/59043
Copyright	Copyright (C) 2010 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.